SAN ANTONIO — Bringing a recent rash of security breaches closer to home, the Bike Waiter on Tuesday confirmed that up to 900 of its customers may have had their personal information stolen.

The local restaurant delivery service warned customers in an email that an “unauthorized user” recently hacked the servers of its third-party online ordering software provider, BigTree Solutions.

The breach only exposes customers who entered new payment card information between Oct. 14 and Jan. 13 and does not affect customers who paid online before or after that three-month period, Bike Waiter co-owner Heather Monroe stressed in a phone interview.

“Overall, we've got a ton of customers so it probably affects maybe 20 percent of business,” she estimated.

In the email, Bike Waiter directed customers to contact their credit card company if they suspect any unauthorized activity occurred on their credit card. The email also included steps customers can take to monitor their credit.

According to Monroe, a U.S. Secret Service investigation tied the malicious code on BigTree's servers to a man in Russia. The breach also compromised the data of customers from several other restaurant delivery services across the nation, including some of Bike Waiter's competitors in St. Louis, Monroe said.

“It's hard for small businesses because everything is hyper-personal,” she added. “It's sad, and we feel very much a victim of this. We can get mad at our software provider, but that doesn't do anything and puts them out of business.”

Bike Waiter will continue to work with BigTree, who reportedly added more protection to its online ordering system. The vendor also engaged a “leading global information security firm” to investigate the incident and to help prevent similar breaches in the future, according to the email.

For customers who discover their bank accounts have been misused, BigTree has offered discount coupons and codes, Monroe said.

“If you have to rearrange your banking information, what is a discount going to do?” she asked. “We want to talk to customers personally and make sure we listen to them.”

Recently, several national retailers have announced hackers broke into their servers.

In December, Target revealed a massive security breach compromised 40 million credit and debit cards and personal information of up to 70 million customers. Weeks later, luxury retailer Neiman Marcus disclosed it too was a victim of a breach that may have compromised 1.1 million debit and credit cards.

Similarly, Irving-based Michaels Stores on Saturday confirmed it launched a probe after learning of possible fraudulent activity on some U.S. payment cards used at the home decor and crafts retailer.

Still, American shoppers don't appear to be taking many steps to ensure their data is more secure.

A new Associated Press-GfK Poll found nearly half of Americans say they are extremely concerned about their personal data when shopping in stores since the Target breach. Sixty-one percent say they have deep worries when spending online, and 62 percent are very concerned when they buy on their mobile phones.

But just 37 percent have tried to use cash rather than paying with plastic in response to data thefts like the one at Target, while only 41 percent have checked their credit reports. Even fewer have changed their online passwords at retailers' websites, requested new credit or debit card numbers from their bank or signed up for a credit monitoring service.

“They ... just chalk it up ... it's part of life,” said Cameron Camp, security researcher at global security firm ESET who believes people don't think they will be liable for fraudulent charges.